diff --git a/media/js/base.js b/media/js/base.js
index 508b5bd119..8d0992ab37 100644
--- a/media/js/base.js
+++ b/media/js/base.js
@@ -72,7 +72,7 @@ $(function() {
},
error: function (xhr, textStatus, errorThrown) {
if (xhr.responseText) {
- var error = jQuery.parseJSON(xhr.responseText).error;
+ var error = $.parseJSON(xhr.responseText).error;
loading_tip.hide();
if ($('.error', popup).length == 0) {
loading_tip.after('
' + error + '
');
@@ -126,7 +126,7 @@ $(function() {
},
error: function (xhr, textStatus, errorThrown) {
if (xhr.responseText) {
- var error = jQuery.parseJSON(xhr.responseText).error;
+ var error = $.parseJSON(xhr.responseText).error;
loading_tip.hide();
if ($('.error', popup).length == 0) {
loading_tip.after('' + error + '
');
diff --git a/seahub/auth/decorators.py b/seahub/auth/decorators.py
index 634b82b883..0d043471b0 100644
--- a/seahub/auth/decorators.py
+++ b/seahub/auth/decorators.py
@@ -8,6 +8,7 @@ from django.http import HttpResponseRedirect, HttpResponse
from django.utils.decorators import available_attrs
from django.utils.http import urlquote
import simplejson as json
+from django.utils.translation import ugettext as _
def user_passes_test(test_func, login_url=None, redirect_field_name=REDIRECT_FIELD_NAME):
"""
@@ -50,3 +51,31 @@ def permission_required(perm, login_url=None):
enabled, redirecting to the log-in page if necessary.
"""
return user_passes_test(lambda u: u.has_perm(perm), login_url=login_url)
+
+
+def login_required_ajax(function=None,redirect_field_name=None):
+ """
+ Just make sure the user is authenticated to access a certain ajax view
+
+ Otherwise return a HttpResponse 401 - authentication required
+ instead of the 302 redirect of the original Django decorator
+ """
+ def _decorator(view_func):
+ def _wrapped_view(request, *args, **kwargs):
+ if not request.is_ajax():
+ raise Http404
+
+ if request.user.is_authenticated():
+ return view_func(request, *args, **kwargs)
+ else:
+ content_type = 'application/json; charset=utf-8'
+ return HttpResponse(json.dumps({
+ 'error': _('Please log in.')
+ }), status=401, content_type=content_type)
+
+ return _wrapped_view
+
+ if function is None:
+ return _decorator
+ else:
+ return _decorator(function)
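Review bot: `_wrapped_view` raises `Http404`, but the only `django.http` import visible in this file's first hunk is `HttpResponseRedirect, HttpResponse`. Unless `Http404` is imported on a line outside the diff, a non-AJAX request fails with a NameError (a 500) instead of a 404; the import would become `from django.http import Http404, HttpResponseRedirect, HttpResponse`. The wrapper also drops the view's `__name__` and `__doc__`: `available_attrs` is already imported, so `@wraps(view_func, assigned=available_attrs(view_func))` on `_wrapped_view` would keep them (with `wraps` imported from `functools` if it is not already). `redirect_field_name` is accepted but never read, and `request.is_ajax()` only inspects a client-supplied header, so a docstring line saying that the 404 is a routing convenience and not an access control would help the next reader.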
diff --git a/seahub/group/templates/group/grpmember_add_js.html b/seahub/group/templates/group/grpmember_add_js.html
index e912e7cf4a..5a3fa78931 100644
--- a/seahub/group/templates/group/grpmember_add_js.html
+++ b/seahub/group/templates/group/grpmember_add_js.html
@@ -9,7 +9,7 @@ $("#group-member-add, #group-admin-add").click(function() {
$('#enter .tip').addClass('hide');
form.data('post_url', '{% url 'group_add_admin' group.id %}');
} else {
- form.data('post_url', '{% url 'group_manage' group.id %}');
+ form.data('post_url', '{% url 'group_add_member' group.id %}');
}
addAutocomplete('#added-member-name', '#enter', contact_list);
});
diff --git a/seahub/group/urls.py b/seahub/group/urls.py
index b4c762b566..df7de9acce 100644
--- a/seahub/group/urls.py
+++ b/seahub/group/urls.py
@@ -7,7 +7,7 @@ from views import group_info, group_members, group_member_operations, group_add_
group_wiki_page_new, group_wiki_page_edit, group_wiki_pages, \
group_wiki_page_delete, group_wiki_use_lib, group_remove, group_dismiss, group_quit, \
group_make_public, group_revoke_public, group_transfer, group_toggle_modules, \
- group_add_discussion, group_rename, group_add
+ group_add_discussion, group_rename, group_add, ajax_add_group_member
urlpatterns = patterns('',
url(r'^(?P\d+)/$', group_info, name='group_info'),
@@ -37,11 +37,13 @@ urlpatterns = patterns('',
url(r'^(?P\d+)/admin/add/$', group_add_admin, name='group_add_admin'),
url(r'^(?P\d+)/admin/remove/$', group_remove_admin, name='group_remove_admin'),
url(r'^recommend/$', group_recommend, name='group_recommend'),
- url(r'^attention/$', attention, name='group_attention'),
+ #url(r'^attention/$', attention, name='group_attention'),
url(r'^joinrequest/(?P[\d]+)/$', group_joinrequest, name='group_joinrequest'),
url(r'^(?P\d+)/modules/toggle/$', group_toggle_modules, name='group_toggle_modules'),
url(r'^(?P\d+)/discussion/add/$', group_add_discussion, name='group_add_discussion'),
url(r'^add/$', group_add, name='group_add'),
+
+ url(r'^ajax/(?P\d+)/member/add/$', ajax_add_group_member, name='group_add_member'),
)
import seahub.settings as settings
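Review bot: The `attention` route is commented out rather than removed, while the same commit still adds `@login_required_ajax` to the `attention` view in group/views.py, leaving a decorated view that no URL reaches from this file. Either delete the route line and the view together, or keep the route active; if the route is only disabled temporarily, a comment such as `# disabled: autocomplete endpoint pending rework` would say why.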
diff --git a/seahub/group/views.py b/seahub/group/views.py
index e11aebae74..1476590ba9 100644
--- a/seahub/group/views.py
+++ b/seahub/group/views.py
@@ -17,7 +17,7 @@ from django.utils.http import urlquote
from django.utils.translation import ugettext as _
from django.utils.translation import ungettext
-from seahub.auth.decorators import login_required
+from seahub.auth.decorators import login_required, login_required_ajax
import seaserv
from seaserv import ccnet_threaded_rpc, seafserv_threaded_rpc, \
web_get_access_token, seafile_api, get_repo, get_group_repos, get_commits, \
@@ -146,10 +146,10 @@ def group_check(func):
return _decorated
########## views
-@login_required
+@login_required_ajax
def group_add(request):
"""Add a new group"""
- if not request.is_ajax() or request.method != 'POST':
+ if request.method != 'POST':
raise Http404
username = request.user.username
@@ -453,56 +453,56 @@ def group_message_remove(request, group_id, msg_id):
def msg_reply(request, msg_id):
"""Show group message replies, and process message reply in ajax"""
+ if not request.is_ajax():
+ raise Http404
+
content_type = 'application/json; charset=utf-8'
- if request.is_ajax():
- ctx = {}
- try:
- group_msg = GroupMessage.objects.get(id=msg_id)
- except GroupMessage.DoesNotExist:
- return HttpResponseBadRequest(content_type=content_type)
+ ctx = {}
+ try:
+ group_msg = GroupMessage.objects.get(id=msg_id)
+ except GroupMessage.DoesNotExist:
+ return HttpResponseBadRequest(content_type=content_type)
- if request.method == 'POST':
- if not request.user.is_authenticated():
- return HttpResponseBadRequest(json.dumps({
- "error": "login required"}), content_type=content_type)
+ if request.method == 'POST':
+ if not request.user.is_authenticated():
+ return HttpResponseBadRequest(json.dumps({
+ "error": "login required"}), content_type=content_type)
- form = MessageReplyForm(request.POST)
- r_status = request.GET.get('r_status')
- # TODO: invalid form
- if form.is_valid():
- msg = form.cleaned_data['message']
+ form = MessageReplyForm(request.POST)
+ r_status = request.GET.get('r_status')
+ # TODO: invalid form
+ if form.is_valid():
+ msg = form.cleaned_data['message']
- msg_reply = MessageReply()
- msg_reply.reply_to = group_msg
- msg_reply.from_email = request.user.username
- msg_reply.message = msg
- msg_reply.save()
+ msg_reply = MessageReply()
+ msg_reply.reply_to = group_msg
+ msg_reply.from_email = request.user.username
+ msg_reply.message = msg
+ msg_reply.save()
- # send signal if reply other's message
- if group_msg.from_email != request.user.username:
- grpmsg_reply_added.send(sender=MessageReply,
- msg_id=msg_id,
- from_email=request.user.username,
- reply_msg=msg)
- replies = MessageReply.objects.filter(reply_to=group_msg)
- r_num = len(replies)
- if r_num < 4 or r_status == 'show':
- ctx['replies'] = replies
- else:
- ctx['replies'] = replies[r_num - 3:]
- html = render_to_string("group/group_reply_list.html", ctx)
- serialized_data = json.dumps({"r_num": r_num, "html": html})
- return HttpResponse(serialized_data, content_type=content_type)
-
- else:
+ # send signal if reply other's message
+ if group_msg.from_email != request.user.username:
+ grpmsg_reply_added.send(sender=MessageReply,
+ msg_id=msg_id,
+ from_email=request.user.username,
+ reply_msg=msg)
replies = MessageReply.objects.filter(reply_to=group_msg)
r_num = len(replies)
- ctx['replies'] = replies
+ if r_num < 4 or r_status == 'show':
+ ctx['replies'] = replies
+ else:
+ ctx['replies'] = replies[r_num - 3:]
html = render_to_string("group/group_reply_list.html", ctx)
serialized_data = json.dumps({"r_num": r_num, "html": html})
return HttpResponse(serialized_data, content_type=content_type)
+
else:
- return HttpResponseBadRequest(content_type=content_type)
+ replies = MessageReply.objects.filter(reply_to=group_msg)
+ r_num = len(replies)
+ ctx['replies'] = replies
+ html = render_to_string("group/group_reply_list.html", ctx)
+ serialized_data = json.dumps({"r_num": r_num, "html": html})
+ return HttpResponse(serialized_data, content_type=content_type)
@login_required
def msg_reply_new(request):
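Review bot: The POST branch of `msg_reply` still answers an unauthenticated request with a 400 and an untranslated `"login required"` string, whereas the `login_required_ajax` decorator introduced in this commit answers the same situation with 401 and `_('Please log in.')`. Returning `HttpResponse(json.dumps({"error": _('Please log in.')}), status=401, content_type=content_type)` here would let the client treat both cases the same way. The GET branch renders the replies for any `msg_id` with no membership or visibility check on the visible lines; any decorator on `msg_reply` sits above the hunk, so confirm that group access is enforced there.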
@@ -662,11 +662,20 @@ def send_group_member_add_mail(request, group, from_user, to_user):
subject = _(u'You are invited to join a group on %s') % SITE_NAME
send_html_email(subject, 'group/add_member_email.html', c, None, [to_user])
-def ajax_add_group_member(request, group):
+@login_required_ajax
+@group_staff_required
+def ajax_add_group_member(request, group_id):
"""Add user to group in ajax.
"""
result = {}
content_type = 'application/json; charset=utf-8'
+
+ group = get_group(group_id)
+ if not group:
+ result['error'] = _(u'The group does not exist.')
+ return HttpResponse(json.dumps(result), status=400,
+ content_type=content_type)
+
username = request.user.username
member_name_str = request.POST.get('user_name', '')
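Review bot: `ajax_add_group_member` is now routed directly but has no request-method check on the visible lines, while before this commit it was reached only from the `if request.method == 'POST':` branch of `group_manage`. An AJAX GET now runs the handler with an empty `user_name`. Adding `if request.method != 'POST': raise Http404` after the docstring would match `group_add_admin` in the same file. The function body continues past the hunk, so the handling of an empty `member_name_str` is not visible here.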
@@ -780,13 +789,6 @@ def group_manage(request, group_id):
if not group:
return HttpResponseRedirect(reverse('group_list', args=[]))
- if request.method == 'POST':
- """
- Add group members.
- """
- return ajax_add_group_member(request, group)
-
- ### GET ###
members_all = ccnet_threaded_rpc.get_group_members(group.id)
admins = [ m for m in members_all if m.is_staff ]
@@ -811,7 +813,7 @@ def group_manage(request, group_id):
"mods_available": mods_available,
}, context_instance=RequestContext(request))
-@login_required
+@login_required_ajax
@group_staff_required
def group_add_admin(request, group_id):
"""
@@ -819,7 +821,7 @@ def group_add_admin(request, group_id):
"""
group_id = int(group_id) # Checked by URL Conf
- if request.method != 'POST' or not request.is_ajax():
+ if request.method != 'POST':
raise Http404
result = {}
@@ -927,7 +929,7 @@ def group_remove_member(request, group_id, user_name):
return HttpResponseRedirect(reverse('group_manage', args=[group_id]))
-@login_required
+@login_required_ajax
def group_recommend(request):
"""
Recommend a file or directory to a group.
@@ -954,12 +956,12 @@ def group_recommend(request):
try:
group_id = int(group_id)
except ValueError:
- result['err'] = _(u'Error: wrong group id')
+ result['error'] = _(u'Error: wrong group id')
return HttpResponse(json.dumps(result), status=400, content_type=content_type)
group = get_group(group_id)
if not group:
- result['err'] = _(u'Error: the group does not exist.')
+ result['error'] = _(u'Error: the group does not exist.')
return HttpResponse(json.dumps(result), status=400, content_type=content_type)
# TODO: Check whether repo is in the group and Im in the group
@@ -994,10 +996,10 @@ def group_recommend(request):
result['success'] = _(u'Successfully posted to %(groups)s.') % {'groups': ', '.join(groups_posted_to)}
if len(groups_not_in) > 0:
- result['err'] = _(u'Error: you are not in group %s.') % (', '.join(groups_not_in))
+ result['error'] = _(u'Error: you are not in group %s.') % (', '.join(groups_not_in))
else:
- result['err'] = str(form.errors)
+ result['error'] = str(form.errors)
return HttpResponse(json.dumps(result), status=400, content_type=content_type)
# request.method == 'GET'
@@ -1006,10 +1008,10 @@ def group_recommend(request):
path = request.GET.get('path', None)
repo = get_repo(repo_id)
if not repo:
- result['err'] = _(u'Error: the library does not exist.')
+ result['error'] = _(u'Error: the library does not exist.')
return HttpResponse(json.dumps(result), status=400, content_type=content_type)
if path is None:
- result['err'] = _(u'Error: no path.')
+ result['error'] = _(u'Error: no path.')
return HttpResponse(json.dumps(result), status=400, content_type=content_type)
# get discussions & replies
@@ -1034,7 +1036,7 @@ def group_recommend(request):
return HttpResponse(json.dumps(result), content_type=content_type)
-@login_required
+@login_required_ajax
def create_group_repo(request, group_id):
"""Create a repo and share it to current group"""
@@ -1113,12 +1115,12 @@ def create_group_repo(request, group_id):
return HttpResponse(json.dumps({'success': True}),
content_type=content_type)
-@login_required
+@login_required_ajax
def group_joinrequest(request, group_id):
"""
Handle post request to join a group.
"""
- if not request.is_ajax() or request.method != 'POST':
+ if request.method != 'POST':
raise Http404
result = {}
@@ -1152,14 +1154,12 @@ def group_joinrequest(request, group_id):
else:
return HttpResponseBadRequest(json.dumps(form.errors),
content_type=content_type)
-
+
+@login_required_ajax
def attention(request):
"""
Handle ajax request to query group members used in autocomplete.
"""
- if not request.is_ajax():
- raise Http404
-
user = request.user.username
name_str = request.GET.get('name_startsWith')
gids = request.GET.get('gids', '')
@@ -1201,7 +1201,6 @@ def attention(request):
content_type = 'application/json; charset=utf-8'
return HttpResponse(json.dumps(result), content_type=content_type)
-
@group_check
def group_add_discussion(request, group):
@@ -1480,6 +1479,7 @@ def group_wiki_pages(request, group):
"mods_available": mods_available,
}, context_instance=RequestContext(request))
+@login_required_ajax
@group_check
def group_wiki_create(request, group):
if group.view_perm == "pub":
diff --git a/seahub/message/templates/message/all_msg_list.html b/seahub/message/templates/message/all_msg_list.html
index afaf113571..a5c7379807 100644
--- a/seahub/message/templates/message/all_msg_list.html
+++ b/seahub/message/templates/message/all_msg_list.html
@@ -110,8 +110,14 @@ $('#add-msg').click(function() {
popup.html('' + "{% trans "please add contacts at first" %}" + '
');
}
},
- error: function() {
- popup.html('' + "{% trans "Failed to get your contacts for sending a message." %}" + '
');
+ error: function(jqXHR, textStatus, errorThrown) {
+ var error;
+ if (jqXHR.responseText) {
+ error = $.parseJSON(jqXHR.responseText).error;
+ } else {
+ error = "{% trans "Please check the network." %}";
+ }
+ popup.html('' + error + '
');
}
});
});
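Review bot: The new error handler calls `$.parseJSON(jqXHR.responseText)` with no guard and then concatenates `error` into `popup.html(...)`. A non-JSON body, such as the HTML page of a 404 or 500, throws inside the handler and leaves the popup unchanged, and any markup in the server message is rendered as HTML. Guard the parse, for example `try { error = $.parseJSON(jqXHR.responseText).error; } catch (e) { error = "{% trans "Please check the network." %}"; }`, and insert the message as text (build the element, then call `.text(error)`) instead of through string concatenation. The same pattern is added in the myhome.html and add_file_js.html hunks, and other hunks in this commit put `str(form.errors)` and an RPC exception message under the `error` key, so the value is not always a plain string chosen by the view.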
diff --git a/seahub/message/views.py b/seahub/message/views.py
index 6def8468a6..1ba6213109 100755
--- a/seahub/message/views.py
+++ b/seahub/message/views.py
@@ -9,11 +9,10 @@ from django.core.urlresolvers import reverse
from django.template import RequestContext
from django.core.paginator import EmptyPage, InvalidPage
from django.utils.translation import ugettext as _
-from django.views.decorators.http import require_POST
from models import UserMessage, UserMsgAttachment
from message import msg_info_list
-from seahub.auth.decorators import login_required
+from seahub.auth.decorators import login_required, login_required_ajax
from seahub.base.accounts import User
from seahub.base.decorators import user_mods_check
from seahub.views import is_registered_user
@@ -108,7 +107,7 @@ def user_msg_list(request, id_or_email):
"to_email": to_email,
}, context_instance=RequestContext(request))
-@login_required
+@login_required_ajax
def user_msg_remove(request, msg_id):
"""Remove sent message.
"""
@@ -134,7 +133,7 @@ def user_msg_remove(request, msg_id):
'err_msg': _(u"You don't have the permission.")
}), content_type=json_ct)
-@login_required
+@login_required_ajax
def user_received_msg_remove(request, msg_id):
"""Remove received message.
"""
@@ -160,13 +159,12 @@ def user_received_msg_remove(request, msg_id):
'err_msg': _(u"You don't have the permission."),
}), content_type=json_ct)
-@login_required
-@require_POST
+@login_required_ajax
def message_send(request):
"""Handle POST request to send message to user(s).
"""
- if not request.is_ajax() or request.method != 'POST':
+ if request.method != 'POST':
raise Http404
content_type = 'application/json; charset=utf-8'
@@ -251,13 +249,10 @@ def message_send(request):
return HttpResponse(json.dumps({"html": html, "error": errors}), status=400, content_type=content_type)
-@login_required
+@login_required_ajax
def msg_count(request):
"""Count user's unread message.
"""
- if not request.is_ajax():
- raise Http404
-
content_type = 'application/json; charset=utf-8'
username = request.user.username
diff --git a/seahub/notifications/views.py b/seahub/notifications/views.py
index 7386cf57a7..6351bb7471 100644
--- a/seahub/notifications/views.py
+++ b/seahub/notifications/views.py
@@ -10,7 +10,7 @@ from django.utils.translation import ugettext as _
import seaserv
-from seahub.auth.decorators import login_required
+from seahub.auth.decorators import login_required, login_required_ajax
from seahub.notifications.models import Notification, NotificationForm, \
UserNotification
from seahub.notifications.utils import refresh_cache
@@ -78,7 +78,7 @@ def user_notification_list(request):
'notices_more': notices_more,
}, context_instance=RequestContext(request))
-@login_required
+@login_required_ajax
def user_notification_more(request):
"""Fetch next ``limit`` notifications starts from ``start``.
@@ -87,9 +87,6 @@ def user_notification_more(request):
- `start`:
- `limit`:
"""
- if not request.is_ajax():
- return Http404
-
username = request.user.username
start = int(request.GET.get('start', 0))
limit = int(request.GET.get('limit', 0))
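Review bot: `start` and `limit` are converted with a bare `int(...)` on query-string values, so a non-numeric parameter raises ValueError and the view answers with an HTML 500 that the JSON client cannot parse. Wrap both conversions in `try: ... except ValueError:` and return a JSON body with an `error` key and `status=400`, as the other AJAX views in this commit do. Rejecting negative values at the same place would be prudent too; how the two numbers are used is outside the hunk.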
diff --git a/seahub/share/urls.py b/seahub/share/urls.py
index 3888ad1e39..ff72cf62d8 100644
--- a/seahub/share/urls.py
+++ b/seahub/share/urls.py
@@ -14,11 +14,17 @@ urlpatterns = patterns('',
url(r'^link/get/$', get_shared_link, name='get_shared_link'),
url(r'^link/remove/$', remove_shared_link, name='remove_shared_link'),
+
+ url(r'^ajax/link/remove/$', ajax_remove_shared_link, name='ajax_remove_shared_link'),
+
url(r'^link/send/$', send_shared_link, name='send_shared_link'),
url(r'^link/save/$', save_shared_link, name='save_shared_link'),
url(r'^upload_link/get/$', get_shared_upload_link, name='get_shared_upload_link'),
url(r'^upload_link/remove/$', remove_shared_upload_link, name='remove_shared_upload_link'),
+
+ url(r'^ajax/upload_link/remove/$', ajax_remove_shared_upload_link, name='ajax_remove_shared_upload_link'),
+
url(r'^upload_link/send/$', send_shared_upload_link, name='send_shared_upload_link'),
url(r'^permission_admin/$', share_permission_admin, name='share_permission_admin'),
diff --git a/seahub/share/views.py b/seahub/share/views.py
index 02b290b35e..c7ea8ad9a4 100644
--- a/seahub/share/views.py
+++ b/seahub/share/views.py
@@ -27,7 +27,7 @@ from seahub.share.models import FileShare, PrivateFileDirShare, \
from seahub.share.signals import share_repo_to_user_successful
# from settings import ANONYMOUS_SHARE_COOKIE_TIMEOUT
# from tokens import anon_share_token_generator
-from seahub.auth.decorators import login_required
+from seahub.auth.decorators import login_required, login_required_ajax
from seahub.base.accounts import User
from seahub.base.decorators import user_mods_check
from seahub.contacts.models import Contact
@@ -542,7 +542,7 @@ def view_priv_shared_folder(request, repo_id):
url = reverse('repo', args=[repo.origin_repo_id]) + '?p=' + repo.origin_path
return HttpResponseRedirect(url)
-@login_required
+@login_required_ajax
def share_permission_admin(request):
"""Change repo share permission in ShareAdmin.
"""
@@ -692,14 +692,11 @@ def share_permission_admin(request):
# return HttpResponseRedirect(next)
########## share link
-@login_required
+@login_required_ajax
def get_shared_link(request):
"""
Handle ajax request to generate file or dir shared link.
"""
- if not request.is_ajax():
- raise Http404
-
content_type = 'application/json; charset=utf-8'
repo_id = request.GET.get('repo_id', '')
@@ -744,19 +741,24 @@ def remove_shared_link(request):
"""
token = request.GET.get('t')
- if not request.is_ajax():
- FileShare.objects.filter(token=token).delete()
- next = request.META.get('HTTP_REFERER', None)
- if not next:
- next = reverse('share_admin')
+ FileShare.objects.filter(token=token).delete()
+ next = request.META.get('HTTP_REFERER', None)
+ if not next:
+ next = reverse('share_admin')
- messages.success(request, _(u'Removed successfully'))
+ messages.success(request, _(u'Removed successfully'))
- return HttpResponseRedirect(next)
+ return HttpResponseRedirect(next)
+
+
+@login_required_ajax
+def ajax_remove_shared_link(request):
content_type = 'application/json; charset=utf-8'
result = {}
+ token = request.GET.get('t')
+
if not token:
result = {'error': _(u"Argument missing")}
return HttpResponse(json.dumps(result), status=400, content_type=content_type)
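Review bot: `remove_shared_link` now always runs `FileShare.objects.filter(token=token).delete()` on a GET parameter, and no restriction to the requesting user is visible. The token is the value carried in the shared link itself, so the delete should be scoped to the link's owner and accepted only on POST, so that the normal CSRF check applies. The owner field of the model is not visible in this diff; the change would be an extra filter argument on the queryset plus `if request.method != 'POST': raise Http404`. The new `ajax_remove_shared_link` also reads the token from `request.GET`, and its delete path lies outside the hunk, so the same check is worth confirming there. The hunk for `remove_shared_upload_link` / `ajax_remove_shared_upload_link` has the same shape with `UploadLinkShare`.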
@@ -770,6 +772,7 @@ def remove_shared_link(request):
result = {'error': _(u"The link doesn't exist")}
return HttpResponse(json.dumps(result), status=400, content_type=content_type)
+
@login_required
def remove_shared_upload_link(request):
"""
@@ -777,19 +780,23 @@ def remove_shared_upload_link(request):
"""
token = request.GET.get('t')
- if not request.is_ajax():
- UploadLinkShare.objects.filter(token=token).delete()
- next = request.META.get('HTTP_REFERER', None)
- if not next:
- next = reverse('share_admin')
+ UploadLinkShare.objects.filter(token=token).delete()
+ next = request.META.get('HTTP_REFERER', None)
+ if not next:
+ next = reverse('share_admin')
- messages.success(request, _(u'Removed successfully'))
+ messages.success(request, _(u'Removed successfully'))
- return HttpResponseRedirect(next)
+ return HttpResponseRedirect(next)
+
+
+@login_required_ajax
+def ajax_remove_shared_upload_link(request):
content_type = 'application/json; charset=utf-8'
result = {}
+ token = request.GET.get('t')
if not token:
result = {'error': _(u"Argument missing")}
return HttpResponse(json.dumps(result), status=400, content_type=content_type)
@@ -803,12 +810,13 @@ def remove_shared_upload_link(request):
result = {'error': _(u"The link doesn't exist")}
return HttpResponse(json.dumps(result), status=400, content_type=content_type)
-@login_required
+
+@login_required_ajax
def send_shared_link(request):
"""
Handle ajax post request to send file shared link.
"""
- if not request.is_ajax() and not request.method == 'POST':
+ if not request.method == 'POST':
raise Http404
content_type = 'application/json; charset=utf-8'
@@ -1035,13 +1043,11 @@ def user_share_list(request, id_or_email):
'add_to_contacts': add_to_contacts,
}, context_instance=RequestContext(request))
-@login_required
+@login_required_ajax
def get_shared_upload_link(request):
"""
Handle ajax request to generate dir upload link.
"""
- if not request.is_ajax():
- raise Http404
content_type = 'application/json; charset=utf-8'
repo_id = request.GET.get('repo_id', '')
@@ -1085,12 +1091,12 @@ def get_shared_upload_link(request):
data = json.dumps({'token': token, 'shared_upload_link': shared_upload_link})
return HttpResponse(data, status=200, content_type=content_type)
-@login_required
+@login_required_ajax
def send_shared_upload_link(request):
"""
Handle ajax post request to send shared upload link.
"""
- if not request.is_ajax() and not request.method == 'POST':
+ if not request.method == 'POST':
raise Http404
content_type = 'application/json; charset=utf-8'
diff --git a/seahub/templates/client_mgmt.html b/seahub/templates/client_mgmt.html
deleted file mode 100644
index 4961774a34..0000000000
--- a/seahub/templates/client_mgmt.html
+++ /dev/null
@@ -1,124 +0,0 @@
-{% extends "home_base.html" %}
-
-{% load seahub_tags avatar_tags i18n %}
-
-{% block sub_title %}{% trans "Clients" %} - {% endblock %}
-{% block cur_clients %}tab-cur{% endblock %}
-
-{% block right_panel %}
-{% trans "Clients" %}
-{% if clients %}
-
-
- {% trans "Client Name" %} |
- {% trans "Library" %} |
- {% trans "IP" %} |
- {% trans "Last Sync" %} |
- {% trans "Operations" %} |
-
- {% for client in clients %}
-
-
- {% if client.peer_name %}
- {% if client.show_peer_name %}
- {{ client.peer_name }}
- {% endif %}
- {% else %}
- --
- {% endif %}
- |
-
- {{ client.repo_name }}
- |
-
- {% if client.peer_ip %}
- {{ client.peer_ip }}
- {% else %}
- --
- {% endif %}
- |
-
- {% if client.sync_time > 0 %}
- {{ client.sync_time|translate_seahub_time }}
- {% else %}
- {% trans "Not synced" %}
- {% endif %}
- |
-
-
- |
-
- {% endfor %}
-
-
-{% else %}
-
-
{% trans "You do not have connected clients" %}
-
{% trans "The libraries synced to desktop clients are listed in this page. You can see the client's name and its IP address. You may unsync a client from a library if you no longer want to sync it." %}
-
-{% endif %}
-
-{% endblock %}
-
-{% block extra_script %}{{block.super}}
-
-{% endblock %}
diff --git a/seahub/templates/myhome.html b/seahub/templates/myhome.html
index 526e00bae8..5fa1686302 100644
--- a/seahub/templates/myhome.html
+++ b/seahub/templates/myhome.html
@@ -107,9 +107,13 @@ sublib_create_btn.click(function() {
}
},
error: function(jqXHR, textStatus, errorThrown) {
- if (!jqXHR.responseText) {
- dir_tree_cont.html('' + "{% trans "Failed. Please check the network." %}" + '
');
+ var error;
+ if (jqXHR.responseText) {
+ error = $.parseJSON(jqXHR.responseText).error;
+ } else {
+ error = "{% trans "Failed. Please check the network." %}";
}
+ dir_tree_cont.html('' + error + '
');
}
});
});
diff --git a/seahub/templates/repo_settings.html b/seahub/templates/repo_settings.html
index 17a320d62b..7c4ef5bb91 100644
--- a/seahub/templates/repo_settings.html
+++ b/seahub/templates/repo_settings.html
@@ -307,9 +307,9 @@ $('#remove-repo-shared-download-link, #remove-repo-shared-upload-link').click(fu
ajax_url;
if (id.indexOf('upload') != -1) {
- ajax_url = '{% url 'remove_shared_upload_link' %}';
+ ajax_url = '{% url 'ajax_remove_shared_upload_link' %}';
} else {
- ajax_url = '{% url 'remove_shared_link' %}';
+ ajax_url = '{% url 'ajax_remove_shared_link' %}';
}
$.ajax({
diff --git a/seahub/templates/snippets/add_file_js.html b/seahub/templates/snippets/add_file_js.html
index 67781519e1..9c493e6d5e 100644
--- a/seahub/templates/snippets/add_file_js.html
+++ b/seahub/templates/snippets/add_file_js.html
@@ -16,9 +16,13 @@ $('.add-file').click(function(){
}
},
error: function(jqXHR, textStatus, errorThrown) {
- if (!jqXHR.responseText) {
- file_tree_cont.html('' + "{% trans "Failed. Please check the network." %}" + '
');
+ var error;
+ if (jqXHR.responseText) {
+ error = $.parseJSON(jqXHR.responseText).error;
+ } else {
+ error = "{% trans "Failed. Please check the network." %}";
}
+ file_tree_cont.html('' + error + '
');
}
});
});
diff --git a/seahub/templates/snippets/bottom_bar.html b/seahub/templates/snippets/bottom_bar.html
index 9733989f4d..c074f8bc9e 100644
--- a/seahub/templates/snippets/bottom_bar.html
+++ b/seahub/templates/snippets/bottom_bar.html
@@ -40,7 +40,7 @@ $('#discuss').click(function() {
error: function(jqXHR, textStatus, errorThrown) {
var err_str = '';
if (jqXHR.responseText) {
- err_str = $.parseJSON(jqXHR.responseText).err;
+ err_str = $.parseJSON(jqXHR.responseText).error;
feedback(err_str, 'error');
}
}
@@ -98,13 +98,13 @@ $('#discuss-submit').click(function() {
form.find('.input').val('');
}
if(data['err']) {
- feedback(data['err'], 'error');
+ feedback(data['error'], 'error');
}
},
error: function(jqXHR, textStatus, errorThrown) {
var err_str = '';
if (jqXHR.responseText) {
- err_str = $.parseJSON(jqXHR.responseText).err;
+ err_str = $.parseJSON(jqXHR.responseText).error;
} else {
err_str = "{% trans "Failed. Please check the network." %}";
}
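Review bot: In the success callback the condition still tests the old key, `if(data['err'])`, while the body now reads `data['error']`. The views in this commit emit the message only under `error`, so the branch is never taken and a partial-failure message returned with a success response is silently dropped. Change the condition to `if (data['error']) {`.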
diff --git a/seahub/templates/snippets/shared_link_js.html b/seahub/templates/snippets/shared_link_js.html
index ac86b16a98..4ea96fc859 100644
--- a/seahub/templates/snippets/shared_link_js.html
+++ b/seahub/templates/snippets/shared_link_js.html
@@ -311,7 +311,7 @@ $('#rm-shared-link').click(function() {
token = obj.data('token');
$.ajax({
- url: '{% url 'remove_shared_link' %}?t=' + token,
+ url: '{% url 'ajax_remove_shared_link' %}?t=' + token,
dataType: 'json',
cache: false,
success: function(data) {
@@ -468,7 +468,7 @@ $('#rm-shared-upload-link').click(function() {
token = obj.data('upload-token');
$.ajax({
- url: '{% url 'remove_shared_upload_link' %}?t=' + token,
+ url: '{% url 'ajax_remove_shared_upload_link' %}?t=' + token,
dataType: 'json',
cache: false,
success: function(data) {
diff --git a/seahub/urls.py b/seahub/urls.py
index 67c777f8d4..259867a7e2 100644
--- a/seahub/urls.py
+++ b/seahub/urls.py
@@ -49,8 +49,6 @@ urlpatterns = patterns('',
url(r'^home/wiki_page_edit/(?P[^/]+)$', personal_wiki_page_edit, name='personal_wiki_page_edit'),
url(r'^home/wiki_page_delete/(?P[^/]+)$', personal_wiki_page_delete, name='personal_wiki_page_delete'),
- # url(r'^home/clients/$', client_mgmt, name='client_mgmt'),
- # url(r'^home/clients/unsync/$', client_unsync, name='client_unsync'),
url(r'^devices/$', devices, name='devices'),
url(r'^home/devices/unlink/$', unlink_device, name='unlink_device'),
diff --git a/seahub/views/__init__.py b/seahub/views/__init__.py
index 07f4440667..54d2c270b4 100644
--- a/seahub/views/__init__.py
+++ b/seahub/views/__init__.py
@@ -34,7 +34,7 @@ from seaserv import seafile_api
from pysearpc import SearpcError
from seahub.avatar.util import get_avatar_file_storage
-from seahub.auth.decorators import login_required
+from seahub.auth.decorators import login_required, login_required_ajax
from seahub.auth import login as auth_login
from seahub.auth import authenticate, get_backends
from seahub.base.accounts import User
@@ -527,7 +527,7 @@ def repo_settings(request, repo_id):
'repo_shared_links': repo_shared_links,
}, context_instance=RequestContext(request))
-@login_required
+@login_required_ajax
def repo_owner(request, repo_id):
"""Handle post request to transfer library owner.
"""
@@ -584,7 +584,7 @@ def repo_owner(request, repo_id):
return HttpResponse(json.dumps({'success': True}),
content_type=content_type)
-@login_required
+@login_required_ajax
def repo_change_passwd(request, repo_id):
"""Handle ajax post request to change library password.
"""
@@ -1056,11 +1056,8 @@ def devices(request):
"devices": user_devices,
}, context_instance=RequestContext(request))
-@login_required
+@login_required_ajax
def unlink_device(request):
- if not request.is_ajax():
- raise Http404
-
content_type = 'application/json; charset=utf-8'
platform = request.POST.get('platform', '')
@@ -1078,58 +1075,6 @@ def unlink_device(request):
return HttpResponse(json.dumps({'success': True}), content_type=content_type)
-@login_required
-@user_mods_check
-def client_mgmt(request):
- username = request.user.username
-
- clients = []
- try:
- clients = seafile_api.list_repo_tokens_by_email(username)
- except:
- pass
-
- filter_clients = []
- for c in clients:
- if c.peer_name is not None:
- filter_clients.append(c)
-
- if filter_clients:
- filter_clients.sort(key=lambda client: client.peer_name)
- for i, client in enumerate(filter_clients):
- if i == 0:
- client.show_peer_name = True
- else:
- if client.peer_name != filter_clients[i-1].peer_name:
- client.show_peer_name = True
-
- return render_to_response('client_mgmt.html', {
- 'clients': filter_clients,
- }, context_instance=RequestContext(request))
-
-@login_required
-def client_unsync(request):
- if not request.is_ajax():
- raise Http404
-
- content_type = 'application/json; charset=utf-8'
-
- repo_id = request.GET.get('repo_id', '')
- token = request.GET.get('token', '')
-
- if not (repo_id and token):
- return HttpResponse(json.dumps({'error': _(u'Argument missing')}),
- status=400, content_type=content_type)
-
- username = request.user.username
- try:
- seafile_api.delete_repo_token(repo_id, token, username)
- return HttpResponse(json.dumps({'success': True}),
- content_type=content_type)
- except:
- return HttpResponse(json.dumps({'error': _(u'Internal server error')}),
- status=500, content_type=content_type)
-
@login_required
def unsetinnerpub(request, repo_id):
"""Unshare repos in organization or in share admin page.
@@ -1708,6 +1653,7 @@ def pubuser(request):
'page_range': page_range,
}, context_instance=RequestContext(request))
+@login_required_ajax
def repo_set_password(request):
content_type = 'application/json; charset=utf-8'
diff --git a/seahub/views/ajax.py b/seahub/views/ajax.py
index de37485fb3..0a3401b69b 100644
--- a/seahub/views/ajax.py
+++ b/seahub/views/ajax.py
@@ -18,7 +18,7 @@ from seaserv import seafile_api, seafserv_rpc, is_passwd_set, \
get_user_quota_usage, get_user_share_usage
from pysearpc import SearpcError
-from seahub.auth.decorators import login_required
+from seahub.auth.decorators import login_required_ajax
from seahub.contacts.models import Contact
from seahub.forms import RepoNewDirentForm, RepoRenameDirentForm, \
RepoCreateForm, SharedRepoCreateForm
@@ -57,14 +57,11 @@ def is_group_user(gid, username):
return seaserv.is_group_user(gid, username)
########## repo related
-@login_required
+@login_required_ajax
def get_dirents(request, repo_id):
"""
Get dirents in a dir for file tree
"""
- if not request.is_ajax():
- raise Http404
-
content_type = 'application/json; charset=utf-8'
# permission checking
@@ -79,7 +76,7 @@ def get_dirents(request, repo_id):
all_dir = request.GET.get('all_dir', False)
if not path:
err_msg = _(u"No path.")
- return HttpResponse(json.dumps({"err_msg": err_msg}), status=400,
+ return HttpResponse(json.dumps({"error": err_msg}), status=400,
content_type=content_type)
# get dirents for every path element
@@ -104,7 +101,7 @@ def get_dirents(request, repo_id):
try:
dirents = seafile_api.list_dir_by_path(repo_id, path.encode('utf-8'))
except SearpcError, e:
- return HttpResponse(json.dumps({"err_msg": e.msg}), status=500,
+ return HttpResponse(json.dumps({"error": e.msg}), status=500,
content_type=content_type)
d_list = []
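Review bot: The 500 branch returns `e.msg` from the RPC layer to the browser verbatim, and after this rename it lands in the `error` field that front-end error handlers are likely to display. Backend error text can carry internal paths or identifiers, so it is safer to return a fixed translated string and keep the detail in the server log, e.g. `json.dumps({"error": _(u'Internal server error')})`. `get_dirents` starts and ends outside this hunk.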
@@ -144,28 +141,24 @@ def get_dirents(request, repo_id):
f_list.sort(lambda x, y : cmp(x['name'].lower(), y['name'].lower()))
return HttpResponse(json.dumps(d_list + f_list), content_type=content_type)
-@login_required
+@login_required_ajax
def get_unenc_group_repos(request, group_id):
'''
Get unenc repos in a group.
'''
-
- if not request.is_ajax():
- raise Http404
-
content_type = 'application/json; charset=utf-8'
group_id_int = int(group_id)
group = get_group(group_id_int)
if not group:
err_msg = _(u"The group doesn't exist")
- return HttpResponse(json.dumps({"err_msg": err_msg}), status=400,
+ return HttpResponse(json.dumps({"error": err_msg}), status=400,
content_type=content_type)
joined = is_group_user(group_id_int, request.user.username)
if not joined and not request.user.is_staff:
err_msg = _(u"Permission denied")
- return HttpResponse(json.dumps({"err_msg": err_msg}), status=403,
+ return HttpResponse(json.dumps({"error": err_msg}), status=403,
content_type=content_type)
repos = seafile_api.get_group_repo_list(group_id_int)
@@ -177,13 +170,10 @@ def get_unenc_group_repos(request, group_id):
repo_list.sort(lambda x, y : cmp(x['name'].lower(), y['name'].lower()))
return HttpResponse(json.dumps(repo_list), content_type=content_type)
-@login_required
+@login_required_ajax
def get_my_unenc_repos(request):
"""Get my owned and unencrypted repos.
"""
- if not request.is_ajax():
- raise Http404
-
content_type = 'application/json; charset=utf-8'
repos = get_owned_repo_list(request)
@@ -196,16 +186,13 @@ def get_my_unenc_repos(request):
repo_list.sort(lambda x, y: cmp(x['name'].lower(), y['name'].lower()))
return HttpResponse(json.dumps(repo_list), content_type=content_type)
-@login_required
+@login_required_ajax
def unenc_rw_repos(request):
"""Get a user's unencrypt repos that he/she can read-write.
Arguments:
- `request`:
"""
- if not request.is_ajax():
- raise Http404
-
content_type = 'application/json; charset=utf-8'
acc_repos = get_unencry_rw_repos_by_user(request)
@@ -216,14 +203,11 @@ def unenc_rw_repos(request):
repo_list.sort(lambda x, y: cmp(x['name'].lower(), y['name'].lower()))
return HttpResponse(json.dumps(repo_list), content_type=content_type)
-@login_required
+@login_required_ajax
def list_dir(request, repo_id):
"""
List directory entries in AJAX.
"""
- if not request.is_ajax():
- raise Http404
-
content_type = 'application/json; charset=utf-8'
repo = get_repo(repo_id)
@@ -303,14 +287,11 @@ def list_dir(request, repo_id):
return HttpResponse(json.dumps({'html': html, 'path': path}),
content_type=content_type)
-@login_required
+@login_required_ajax
def list_dir_more(request, repo_id):
"""
List 'more' entries in a directory with AJAX.
"""
- if not request.is_ajax():
- raise Http404
-
content_type = 'application/json; charset=utf-8'
repo = get_repo(repo_id)
@@ -381,7 +362,7 @@ def new_dirent_common(func):
"""Decorator for common logic in creating directory and file.
"""
def _decorated(request, repo_id, *args, **kwargs):
- if request.method != 'POST' or not request.is_ajax():
+ if request.method != 'POST':
raise Http404
result = {}
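Review bot: `new_dirent_common` no longer rejects non-AJAX requests itself, so it is only complete when `login_required_ajax` is stacked above it, as `new_dir` and `new_file` do. Say so in the docstring, e.g. `Must be applied beneath @login_required_ajax, which performs the AJAX and authentication checks.` The same applies to `copy_move_common` and `dirents_copy_move_common` in later hunks. `_decorated` continues outside this hunk.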
@@ -422,7 +403,7 @@ def new_dirent_common(func):
return func(repo.id, parent_dir, dirent_name, username)
return _decorated
-@login_required
+@login_required_ajax
@new_dirent_common
def new_dir(repo_id, parent_dir, dirent_name, username):
"""
@@ -442,7 +423,7 @@ def new_dir(repo_id, parent_dir, dirent_name, username):
return HttpResponse(json.dumps({'success': True, 'name': dirent_name}),
content_type=content_type)
-@login_required
+@login_required_ajax
@new_dirent_common
def new_file(repo_id, parent_dir, dirent_name, username):
"""
@@ -462,12 +443,12 @@ def new_file(repo_id, parent_dir, dirent_name, username):
return HttpResponse(json.dumps({'success': True, 'name': dirent_name}),
content_type=content_type)
-@login_required
+@login_required_ajax
def rename_dirent(request, repo_id):
"""
Rename a file/dir in a repo, with ajax
"""
- if request.method != 'POST' or not request.is_ajax():
+ if request.method != 'POST':
raise Http404
result = {}
@@ -521,14 +502,11 @@ def rename_dirent(request, repo_id):
return HttpResponse(json.dumps({'success': True}),
content_type=content_type)
-@login_required
+@login_required_ajax
def delete_dirent(request, repo_id):
"""
Delete a file/dir with ajax.
"""
- if not request.is_ajax():
- raise Http404
-
content_type = 'application/json; charset=utf-8'
repo = get_repo(repo_id)
@@ -563,14 +541,11 @@ def delete_dirent(request, repo_id):
return HttpResponse(json.dumps({'error': err_msg}),
status=500, content_type=content_type)
-@login_required
+@login_required_ajax
def delete_dirents(request, repo_id):
"""
Delete multi files/dirs with ajax.
"""
- if not request.is_ajax():
- raise Http404
-
content_type = 'application/json; charset=utf-8'
repo = get_repo(repo_id)
@@ -611,7 +586,7 @@ def copy_move_common(func):
"""Decorator for common logic in copying/moving dir/file.
"""
def _decorated(request, repo_id, *args, **kwargs):
- if request.method != 'POST' or not request.is_ajax():
+ if request.method != 'POST':
raise Http404
result = {}
@@ -661,7 +636,7 @@ def copy_move_common(func):
return func(repo_id, path, dst_repo_id, dst_path, obj_name, username)
return _decorated
-@login_required
+@login_required_ajax
@copy_move_common
def mv_file(src_repo_id, src_path, dst_repo_id, dst_path, obj_name, username):
result = {}
@@ -691,7 +666,7 @@ def mv_file(src_repo_id, src_path, dst_repo_id, dst_path, obj_name, username):
return HttpResponse(json.dumps(result), content_type=content_type)
-@login_required
+@login_required_ajax
@copy_move_common
def cp_file(src_repo_id, src_path, dst_repo_id, dst_path, obj_name, username):
result = {}
@@ -721,7 +696,7 @@ def cp_file(src_repo_id, src_path, dst_repo_id, dst_path, obj_name, username):
return HttpResponse(json.dumps(result), content_type=content_type)
-@login_required
+@login_required_ajax
@copy_move_common
def mv_dir(src_repo_id, src_path, dst_repo_id, dst_path, obj_name, username):
result = {}
@@ -758,7 +733,7 @@ def mv_dir(src_repo_id, src_path, dst_repo_id, dst_path, obj_name, username):
return HttpResponse(json.dumps(result), content_type=content_type)
-@login_required
+@login_required_ajax
@copy_move_common
def cp_dir(src_repo_id, src_path, dst_repo_id, dst_path, obj_name, username):
result = {}
@@ -802,7 +777,7 @@ def dirents_copy_move_common(func):
"""
def _decorated(request, repo_id, *args, **kwargs):
- if request.method != 'POST' or not request.is_ajax():
+ if request.method != 'POST':
raise Http404
result = {}
@@ -854,7 +829,7 @@ def dirents_copy_move_common(func):
return func(repo_id, parent_dir, dst_repo_id, dst_path, obj_file_names, obj_dir_names, username)
return _decorated
-@login_required
+@login_required_ajax
@dirents_copy_move_common
def mv_dirents(src_repo_id, src_path, dst_repo_id, dst_path, obj_file_names, obj_dir_names, username):
result = {}
@@ -893,7 +868,7 @@ def mv_dirents(src_repo_id, src_path, dst_repo_id, dst_path, obj_file_names, obj
result = {'success': success, 'failed': failed, 'url': url, 'task_ids': task_ids}
return HttpResponse(json.dumps(result), content_type=content_type)
-@login_required
+@login_required_ajax
@dirents_copy_move_common
def cp_dirents(src_repo_id, src_path, dst_repo_id, dst_path, obj_file_names, obj_dir_names, username):
result = {}
@@ -932,14 +907,11 @@ def cp_dirents(src_repo_id, src_path, dst_repo_id, dst_path, obj_file_names, obj
result = {'success': success, 'failed': failed, 'url': url, 'task_ids': task_ids}
return HttpResponse(json.dumps(result), content_type=content_type)
-@login_required
+@login_required_ajax
def get_cp_progress(request):
'''
Fetch progress of file/dir mv/cp.
'''
- if not request.is_ajax():
- raise Http404
-
content_type = 'application/json; charset=utf-8'
result = {}
@@ -964,14 +936,11 @@ def get_cp_progress(request):
return HttpResponse(json.dumps(result), content_type=content_type)
-@login_required
+@login_required_ajax
def get_multi_cp_progress(request):
'''
Fetch progress of multi files/dirs mv/cp.
'''
- if not request.is_ajax():
- raise Http404
-
content_type = 'application/json; charset=utf-8'
result = {}
@@ -997,14 +966,11 @@ def get_multi_cp_progress(request):
result['fail'] = fail
return HttpResponse(json.dumps(result), content_type=content_type)
-@login_required
+@login_required_ajax
def cancel_cp(request):
'''
cancel file/dir mv/cp.
'''
- if not request.is_ajax():
- raise Http404
-
content_type = 'application/json; charset=utf-8'
result = {}
@@ -1024,11 +990,8 @@ def cancel_cp(request):
return HttpResponse(json.dumps(result), status=400,
content_type=content_type)
-@login_required
+@login_required_ajax
def repo_star_file(request, repo_id):
- if not request.is_ajax():
- raise Http404
-
content_type = 'application/json; charset=utf-8'
path = request.GET.get('file', '')
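Review bot: `repo_star_file` reads its argument from `request.GET` and shows no method check, so what looks like a state-changing action is reachable with a GET, which Django's CSRF middleware does not cover. After this change the only barrier is the `X-Requested-With` test inside `login_required_ajax`; that header is supplied by the client and is not an authentication control. Consider requiring POST as `rename_dirent` does (`if request.method != 'POST': raise Http404`) and reading from `request.POST`. `repo_unstar_file` and `set_notice_seen_by_id` in later hunks follow the same GET pattern. The function body continues outside this hunk.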
@@ -1041,11 +1004,8 @@ def repo_star_file(request, repo_id):
return HttpResponse(json.dumps({'success':True}), content_type=content_type)
-@login_required
+@login_required_ajax
def repo_unstar_file(request, repo_id):
- if not request.is_ajax():
- raise Http404
-
content_type = 'application/json; charset=utf-8'
path = request.GET.get('file', '')
@@ -1058,11 +1018,8 @@ def repo_unstar_file(request, repo_id):
return HttpResponse(json.dumps({'success':True}), content_type=content_type)
########## contacts related
-@login_required
+@login_required_ajax
def get_contacts(request):
- if not request.is_ajax():
- raise Http404
-
content_type = 'application/json; charset=utf-8'
username = request.user.username
@@ -1074,11 +1031,8 @@ def get_contacts(request):
return HttpResponse(json.dumps({"contacts":contact_list}), content_type=content_type)
-@login_required
+@login_required_ajax
def get_current_commit(request, repo_id):
- if not request.is_ajax():
- raise Http404
-
content_type = 'application/json; charset=utf-8'
repo = get_repo(repo_id)
@@ -1127,15 +1081,12 @@ def get_current_commit(request, repo_id):
return HttpResponse(json.dumps({'html': html}),
content_type=content_type)
-@login_required
+@login_required_ajax
def sub_repo(request, repo_id):
'''
check if a dir has a corresponding sub_repo
if it does not have, create one
'''
- if not request.is_ajax():
- raise Http404
-
content_type = 'application/json; charset=utf-8'
result = {}
@@ -1180,10 +1131,8 @@ def sub_repo(request, repo_id):
return HttpResponse(json.dumps(result), content_type=content_type)
+@login_required_ajax
def download_enc_file(request, repo_id, file_id):
- if not request.is_ajax():
- raise Http404
-
content_type = 'application/json; charset=utf-8'
result = {}
@@ -1255,22 +1204,14 @@ def upload_file_done(request):
return HttpResponse(json.dumps({'success': True}), content_type=ct)
+@login_required_ajax
def unseen_notices_count(request):
"""Count user's unseen notices.
Arguments:
- `request`:
"""
- if not request.is_ajax():
- raise Http404
-
content_type = 'application/json; charset=utf-8'
-
- if not request.user.is_authenticated():
- return HttpResponse(json.dumps({
- 'error': _('Please log in.')
- }), status=400, content_type=content_type)
-
username = request.user.username
count = UserNotification.objects.count_unseen_user_notifications(username)
@@ -1278,6 +1219,7 @@ def unseen_notices_count(request):
result['count'] = count
return HttpResponse(json.dumps(result), content_type=content_type)
+@login_required_ajax
def get_popup_notices(request):
"""Get user's notifications.
@@ -1289,16 +1231,7 @@ def get_popup_notices(request):
Arguments:
- `request`:
"""
- if not request.is_ajax():
- raise Http404
-
content_type = 'application/json; charset=utf-8'
-
- if not request.user.is_authenticated():
- return HttpResponse(json.dumps({
- 'error': _('Please log in.')
- }), status=400, content_type=content_type)
-
username = request.user.username
result_notices = []
@@ -1371,16 +1304,13 @@ def get_popup_notices(request):
"notice_html": notice_html,
}), content_type=content_type)
-@login_required
+@login_required_ajax
def set_notices_seen(request):
"""Set user's notices seen:
Arguments:
- `request`:
"""
- if not request.is_ajax():
- raise Http404
-
content_type = 'application/json; charset=utf-8'
username = request.user.username
@@ -1392,16 +1322,13 @@ def set_notices_seen(request):
return HttpResponse(json.dumps({'success': True}), content_type=content_type)
-@login_required
+@login_required_ajax
def set_notice_seen_by_id(request):
"""
Arguments:
- `request`:
"""
- if not request.is_ajax():
- raise Http404
-
content_type = 'application/json; charset=utf-8'
notice_id = request.GET.get('notice_id')
@@ -1412,14 +1339,8 @@ def set_notice_seen_by_id(request):
return HttpResponse(json.dumps({'success': True}), content_type=content_type)
-@login_required
+@login_required_ajax
def repo_remove(request, repo_id):
- if not request.is_ajax():
- raise Http404
-
- ct = 'application/json; charset=utf-8'
- result = {}
-
if get_system_default_repo_id() == repo_id:
result['error'] = _(u'System library can not be deleted.')
return HttpResponse(json.dumps(result), status=403, content_type=ct)
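Review bot: `repo_remove` still uses `result` and `ct` in the first statements of its body (`result['error'] = ...`, `content_type=ct`), but this hunk deletes the `ct = 'application/json; charset=utf-8'` and `result = {}` assignments together with the is_ajax check. Unless both names are defined at module level, every call would raise NameError and surface as a 500, including the permission-denied branch shown in the next hunk. Keep the two assignments at the top of the function: `ct = 'application/json; charset=utf-8'` and `result = {}`. The function body continues outside this hunk.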
@@ -1471,17 +1392,10 @@ def repo_remove(request, repo_id):
result['error'] = _(u'Permission denied.')
return HttpResponse(json.dumps(result), status=403, content_type=ct)
+@login_required_ajax
def space_and_traffic(request):
- if not request.is_ajax():
- raise Http404
-
content_type = 'application/json; charset=utf-8'
- if not request.user.is_authenticated():
- return HttpResponse(json.dumps({
- 'error': _('Please log in.')
- }), status=400, content_type=content_type)
-
username = request.user.username
quota = seafserv_threaded_rpc.get_user_quota(username)
@@ -1625,16 +1539,13 @@ def get_group_repos(request, groups):
group_repos.append(r)
return group_repos
-@login_required
+@login_required_ajax
def my_shared_and_group_repos(request):
"""Return html snippet of repos that shared to user and group repos.
Arguments:
- `request`:
"""
- if not request.is_ajax():
- raise Http404
-
content_type = 'application/json; charset=utf-8'
# shared
@@ -1672,13 +1583,10 @@ def my_shared_and_group_repos(request):
}
return HttpResponse(json.dumps(ret), content_type=content_type)
-@login_required
+@login_required_ajax
def get_file_op_url(request, repo_id):
"""Get file upload/update url for AJAX.
"""
- if not request.is_ajax():
- raise Http404
-
content_type = 'application/json; charset=utf-8'
op_type = request.GET.get('op_type') # value can be 'upload', 'update', 'upload-blks', 'update-blks'
@@ -1696,11 +1604,8 @@ def get_file_op_url(request, repo_id):
return HttpResponse(json.dumps({"url": url}), content_type=content_type)
-@login_required
+@login_required_ajax
def repo_history_changes(request, repo_id):
- if not request.is_ajax():
- return Http404
-
changes = {}
content_type = 'application/json; charset=utf-8'
@@ -1743,13 +1648,13 @@ def repo_history_changes(request, repo_id):
return HttpResponse(json.dumps(changes), content_type=content_type)
-@login_required
+@login_required_ajax
def repo_create(request):
'''
Handle ajax post to create a library.
'''
- if not request.is_ajax() or request.method != 'POST':
+ if request.method != 'POST':
return Http404
result = {}
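Review bot: The method guard in `repo_create` still does `return Http404`, which hands Django the exception class instead of a response, so a non-POST request most likely ends in a server error rather than a 404. Change it to `raise Http404`, as `rename_dirent` and the `*_common` decorators in this file do. `public_repo_create` in the following hunk carries the same line. The body of `repo_create` continues outside this hunk.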
@@ -1819,13 +1724,13 @@ def repo_create(request):
repo_name=repo_name)
return HttpResponse(json.dumps(result), content_type=content_type)
-@login_required
+@login_required_ajax
def public_repo_create(request):
'''
Handle ajax post to create public repo.
'''
- if not request.is_ajax() or request.method != 'POST':
+ if request.method != 'POST':
return Http404
result = {}
@@ -1874,11 +1779,8 @@ def public_repo_create(request):
repo_name=repo_name)
return HttpResponse(json.dumps(result), content_type=content_type)
-@login_required
+@login_required_ajax
def events(request):
- if not request.is_ajax():
- raise Http404
-
events_count = 15
username = request.user.username
start = int(request.GET.get('start'))
diff --git a/seahub/views/sysadmin.py b/seahub/views/sysadmin.py
index 4a3d5503be..abfb2d827a 100644
--- a/seahub/views/sysadmin.py
+++ b/seahub/views/sysadmin.py
@@ -22,7 +22,7 @@ from pysearpc import SearpcError
from seahub.base.accounts import User
from seahub.base.models import UserLastLogin
from seahub.base.decorators import sys_staff_required
-from seahub.auth.decorators import login_required
+from seahub.auth.decorators import login_required, login_required_ajax
from seahub.utils import IS_EMAIL_CONFIGURED, string2list, is_valid_username
from seahub.views import get_system_default_repo_id
from seahub.forms import SetUserQuotaForm, AddUserForm, BatchAddUserForm
@@ -343,10 +343,10 @@ def user_info(request, email):
'd_profile': d_profile,
}, context_instance=RequestContext(request))
-@login_required
+@login_required_ajax
@sys_staff_required
def user_set_quota(request, email):
- if not request.is_ajax() or request.method != 'POST':
+ if request.method != 'POST':
raise Http404
content_type = 'application/json; charset=utf-8'
@@ -361,7 +361,7 @@ def user_set_quota(request, email):
try:
seafile_api.set_user_quota(email, quota)
except:
- result['error'] = _(u'Failed to set quota: internal error')
+ result['error'] = _(u'Failed to set quota: internal server error')
return HttpResponse(json.dumps(result), status=500, content_type=content_type)
result['success'] = True
@@ -463,7 +463,7 @@ def email_user_on_activation(user):
send_html_email(_(u'Your account on %s is activated') % SITE_NAME,
'sysadmin/user_activation_email.html', c, None, [user.email])
-@login_required
+@login_required_ajax
@sys_staff_required
def user_toggle_status(request, user_id):
content_type = 'application/json; charset=utf-8'
@@ -558,31 +558,44 @@ def send_user_add_mail(request, email, password):
send_html_email(_(u'You are invited to join %s') % SITE_NAME,
'sysadmin/user_add_email.html', c, None, [email])
-@login_required
+@login_required_ajax
def user_add(request):
"""Add a user"""
- if not request.user.is_staff:
+ if not request.user.is_staff or request.method != 'POST':
raise Http404
content_type = 'application/json; charset=utf-8'
- if request.method == 'POST':
- post_values = request.POST.copy()
- post_email = request.POST.get('email', '')
- post_values.update({'email': post_email.lower()})
- form = AddUserForm(post_values)
- if form.is_valid():
- email = form.cleaned_data['email']
- password = form.cleaned_data['password1']
+ post_values = request.POST.copy()
+ post_email = request.POST.get('email', '')
+ post_values.update({'email': post_email.lower()})
- user = User.objects.create_user(email, password, is_staff=False,
- is_active=True)
- if request.user.org:
- org_id = request.user.org.org_id
- url_prefix = request.user.org.url_prefix
- ccnet_threaded_rpc.add_org_user(org_id, email, 0)
- if IS_EMAIL_CONFIGURED:
+ form = AddUserForm(post_values)
+ if form.is_valid():
+ email = form.cleaned_data['email']
+ password = form.cleaned_data['password1']
+
+ user = User.objects.create_user(email, password, is_staff=False,
+ is_active=True)
+ if request.user.org:
+ org_id = request.user.org.org_id
+ url_prefix = request.user.org.url_prefix
+ ccnet_threaded_rpc.add_org_user(org_id, email, 0)
+ if IS_EMAIL_CONFIGURED:
+ try:
+ send_user_add_mail(request, email, password)
+ messages.success(request, _(u'Successfully added user %s. An email notification has been sent.') % email)
+ except Exception, e:
+ logger.error(str(e))
+ messages.success(request, _(u'Successfully added user %s. An error accurs when sending email notification, please check your email configuration.') % email)
+ else:
+ messages.success(request, _(u'Successfully added user %s.') % email)
+
+ return HttpResponse(json.dumps({'success': True}), content_type=content_type)
+ else:
+ if IS_EMAIL_CONFIGURED:
+ if SEND_EMAIL_ON_ADDING_SYSTEM_MEMBER:
try:
send_user_add_mail(request, email, password)
messages.success(request, _(u'Successfully added user %s. An email notification has been sent.') % email)
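Review bot: `user_add` checks `request.user.is_staff` inline, while `user_set_quota`, `user_toggle_status` and `batch_user_make_admin` in this file rely on `@sys_staff_required`. Keeping admin authorisation in one decorator makes it easier to audit which views are admin-only. If the decorator is equivalent (its body is not shown here), stack `@sys_staff_required` under `@login_required_ajax` and reduce the guard to `if request.method != 'POST': raise Http404`. The function continues into the next hunk.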
@@ -591,25 +604,12 @@ def user_add(request):
messages.success(request, _(u'Successfully added user %s. An error accurs when sending email notification, please check your email configuration.') % email)
else:
messages.success(request, _(u'Successfully added user %s.') % email)
-
- return HttpResponse(json.dumps({'success': True}), content_type=content_type)
else:
- if IS_EMAIL_CONFIGURED:
- if SEND_EMAIL_ON_ADDING_SYSTEM_MEMBER:
- try:
- send_user_add_mail(request, email, password)
- messages.success(request, _(u'Successfully added user %s. An email notification has been sent.') % email)
- except Exception, e:
- logger.error(str(e))
- messages.success(request, _(u'Successfully added user %s. An error accurs when sending email notification, please check your email configuration.') % email)
- else:
- messages.success(request, _(u'Successfully added user %s.') % email)
- else:
- messages.success(request, _(u'Successfully added user %s. But email notification can not be sent, because Email service is not properly configured.') % email)
+ messages.success(request, _(u'Successfully added user %s. But email notification can not be sent, because Email service is not properly configured.') % email)
- return HttpResponse(json.dumps({'success': True}), content_type=content_type)
- else:
- return HttpResponse(json.dumps({'err': str(form.errors)}), status=400, content_type=content_type)
+ return HttpResponse(json.dumps({'success': True}), content_type=content_type)
+ else:
+ return HttpResponse(json.dumps({'err': str(form.errors)}), status=400, content_type=content_type)
@login_required
@sys_staff_required
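Review bot: The validation-failure response in `user_add` still uses the key `err` (`json.dumps({'err': str(form.errors)})`), while this commit renames `err_msg` to `error` in the ajax views. A client that reads `.error` from failed responses would show nothing for an invalid form. If the admin page's handler follows the same convention, use `{'error': str(form.errors)}` here as well.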
@@ -808,12 +808,12 @@ def sys_traffic_admin(request):
},
context_instance=RequestContext(request))
-@login_required
+@login_required_ajax
@sys_staff_required
def batch_user_make_admin(request):
"""Batch make users as admins.
"""
- if not request.is_ajax() or request.method != 'POST':
+ if request.method != 'POST':
raise Http404
result = {}